Medical Devices and the Risk of Cyber Security Attacks

Written by IEEE | June 14, 2016

Medical device technology is a field that has seen huge growth across all sectors of healthcare. But with advancements in technology comes the demand for enhanced security measures. The cybersecurity concerns associated with medical technology are twofold: confidentiality of data and the possible manipulation of the devices which can alter effectiveness or cause harm.

Advances in medical technology have resulted in many more devices connecting to the internet or to hospital networks. While this can make it easier for doctors to connect with patients, it also makes it easier for someone to steal data or hack into the device itself.

In the past, the FDA would have to decide if the product was safe enough for human use, now they are also tasked with evaluating the potential cybersecurity risks posed by the device. If the benefits outweigh the risks, then it will be approved.

Protecting patients from cybersecurity threats is a critical component of supporting innovations in medical technology. The FDA is looking to the manufacturers of medical devices for assistance in minimizing cybersecurity risks. They have published a guide with important steps that companies need to take to continually address possible risks. While manufacturers will build security measures into their devices, it is the post-market monitoring that must be vigilant as cybersecurity attacks are ever changing.